Webhook Integration

 

A webhook is a user-defined HTTP callback. webMethods.io Integration supports incoming webhooks.

  1. This section helps to set up WebHook Integration for CyberCNS.

  2. This screen is likely to change as we go on adding more integrations.

  • Navigate to Global Settings() > Integrations and choose WebHook from the integrations listed here.

  • It will lead to “Add credentials” for your WebHook Instance. Provide details as requested.

  • Input WebHook Credentials as requested. Credential Name, WebHook URL, WebHook Authentication URL, WebHook Username, WebHook Password, Authentication Header Key, Authentication Header Value, and Associated company details are required to configure successfully.

Enter Credentials

  1. Enter Credential Name: Choose a name of your choice for the set of credentials to be added.

  2. Enter WebHook URL: Enter a WebHook URL for the credentials to be added.

  3. Enter WebHook Authentication URL: Enter a WebHook Authentication URL for the credentials to be added.

  4. Enter WebHook Username: Enter a WebHook Username for the credentials to be added.

  5. Enter WebHook Password: Enter a WebHook Password for the credentials to be added.

  6. Enter Authentication Header Key: Enter an Authentication Header Key for the credentials to be added.

  7. Enter Authentication Header Value: Enter an Authentication Header Value for the credentials to be added.

  8. Select an associated company: To map these credentials to the company, please select Associated Company from the dropdown.

  • How to fetch Authentication Header Key and Authentication Header Value, refer to the below link:

https://docs.webmethods.io/integration/developer_guide/webhook/#ta-webhook_authentication

Company Mapping

  • In Company Mapping events for alerting are to be set by using Event Set, Integration Profile, and Manage Company Mapping.

Event Set

  • Under the Event Set, click on +Add to add the Alert Rule.

  • Here a set of Events is to be set to get notified for. Those events are categorized as Agent, Company, Asset, Ports, Remediation, Vulnerability, Azure error, and AD Audit. Every category will have certain events which can be set.

  • Enter the Event Name and select the category and an Event/s as required.

  • Every Category has a set of events/alerts under them which can be selected as per the requirement.

 

  • The Agent & Company category has the below-listed alerts and selection of all or any is allowed.

  • e.g. Asset category has below-listed alerts and selection of all or any is allowed.

  • The Ports category has the below-listed alerts, and the selection of all or anyone is allowed.

  • The Remediation category has the Remediation Group, selection of Remediation by Company OR Remediation by Assets OR Remediation by Product OR Remediation by Product(grouped by a fix), Remediation by Asset and Product is allowed, and Enable Remediation for Critical and High Severity(Select any one of them).

  • For the Remediation Filters, Enable Tickets for Critical High severity Remediations, Enable Tickets for Remediations with EPSS greater than 0.95, Enable Tickets for Remediations with EPSS greater than 0.90, Enable Tickets for Remediations with EPSS greater than 0.85, Enable Tickets for Remediations with EPSS greater than 0.50

  • For the Vulnerability & Azure error category, the below-listed alert, and selection is allowed.

  • For the AD Audit category below-listed alerts are available and selection of all or any is allowed. (Make sure to select the needed as it will create tickets based on the events)

  • For the Azure AD Audit & Unquoted service path category, the below-listed alert, and selection is allowed.

  • For the Reports, the below-listed alerts and selections are allowed.

  • Once the above details are selected, click on Save.

  • There is an option to Edit, Delete and set as default, for the Alert Rules using the Action column. The listed Alert Rule can be edited and deleted if needed.

  • For setting the created Event as default, select the option Set as Default.

  • To confirm the Set as a default action, select Yes or No in the confirmation dialogue box.

  • Once the event is set to default, under the Is Default column, the status Yes can be seen.

Integration Profile

Users will be able to set Alerting rules from integrations right away for conditions listed under it.

  • Under the Integration Profile, click on +Add to add the Integration Rule.

  • Enter the Name, Select the credential, and fill out all of the required fields in the Integration Parameters.

  • Once the below details are provided, click on Save.

  • There is an option to Edit, Delete, and Set as default under the Integration Rules using the Action column. The listed Integration Rule can be edited and deleted if needed.

  • For setting the newly created Event as the default, select the option Set as Default.

  • To confirm the Set as default, select Yes or No in the confirmation dialogue box.

Manage Company Mapping

  • Click on Manage Company Mapping.

  • Choose Jira Credentials from the dropdown and click on + Add to add Integration Mapping for specific companies.

  • In New Company Mapping, choose the Jira Credential which is listed. (These are to be added under the Integration> Credentials section for Jira).

  • In case the local company is already created in CyberCNS and is to be mapped with WebHook company, then select Map Existing Company to Jira company and click on Next.

  • As shown in the below image, select the Local company( CyberCNS) by using a dropdown or with the search bar as per the requirement so it will map the companies accordingly.

  • Please choose/select the Pause Ticket Creation option only if no notifications are required using this integration and click Add.

  • Please choose/select Enable WebHook ALerts option only if asset configurations are required using this integration and click Enable.

  • Once the WebHook alerts are enabled, select the Event Set, and the Integration Profile, and click on '+' to add the record.

  • Delete the Integration profile in case not required using the bin icon as shown below.

  • Click on Add to see all the details of the selected fields and click on Finish.

  • Once all the fields are provided, Click on Finish to map all the selected Jira companies.

  • Delete the company record in case not required using the bin icon as shown below.

  • Selected companies are shown in the image below, along with details such as Existing Company Name, Company Name, Event Set, Integration Profile, Pause Ticket Creation, Mapped Date, and Enable Configuration status.

  • Here click on Copy Settings to Copy the company mapping settings to other company mappings.

  • To copy the settings, select the desired company mappings and click on Update. This will copy the event set, integration profile, and ticket creation fields from the source company mapping to the selected target company mappings.

 

  • Using the Action column can edit or delete the integration mapping. Any mapping can be edited or deleted, whenever necessary.

This completes the documentation of WebHook Integration.